LISTINGS OF THE CLAIMS 



1 . (currently amended) An integrated intrusion detection method comprising: 
gathering information from a plurality of different types of intrusion 

detection sensors; 

processing said information, wherein said processing provides a 
consolidated correlation of said information; 

assigning a severity to said information based on an enterprise wide 
security policy; 

assigning a response corresponding to said information and 
corresponding to said severity ; and 

implementing said response according to said severity . 

2. (original) An integrated intrusion detection method of Claim 1 wherein said 
information includes intrusion detection alerts. 

3. (original) An integrated intrusion detection method of Claim 2 further 
comprising centrally tracking information associated with intrusion detection 
alerts from said plurality of different types of intrusion detection sensors. 

4. (original) An integrated intrusion detection method of Claim 3 wherein said 
tracking information associated with intrusion detection includes assigning 
severity assignments standardized across said plurality of different types of 
intrusion detection sensors. 

5. An integrated intrusion detection method of Claim 2 wherein said intrusion 
detection alerts are correlated based upon various alert attributes. 

6. (original) An integrated intrusion detection method of Claim 2 wherein said 
response conforms to an enterprise wide strategy. 
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7. (original) An integrated intrusion detection method of Claim 1 further 
comprising managing said intrusion detection sensors. 

8. (currently amended) A computer usable storage medium having computer 
readable program code embodied therein for causing a computer system to 
implement intrusion detection instructions comprising: 

a data collection module for receiving information from a plurality of 
different types of intrusion detection sensors, wherein said information indicates 
potential security issues; 

an information severity determination module for assigning a severity to 
said information based on an enterprise wide security policy; 

an integration module for integrating said information in a network 
application management platform; 

a reaction determination module for determining appropriate response to 
indication of said potential security issues according to said severity ; and 

a reaction direction module for directing said response according to said 
severity . 

9. (original) A computer usable storage medium of Claim 8 wherein said 
information includes intrusion detection system alert data. 

10. (original) A computer usable storage medium of Claim 8 wherein said 
integration module selects a hook in an intrusion detection system. 

1 1 . (original) A computer usable storage medium of Claim 8 wherein said data 
collection module logs alerts from said plurality of different types of intrusion 
detection sensors. 
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12. (original) A computer usable storage medium of Claim 8 wherein said 
alerts are provided by a simple network management protocol (SNMP), a system 
log and an application program interface. 

13. (original) A computer usable storage medium of Claim 8 wherein said 
integration module includes analyzing a plurality of manners in which an alert can 
be provided and selecting the manner that is the most secure with the least 
dependencies in a communication path. 

14. (original) A computer usable storage medium of Claim 8 wherein said 
integration module utilizes a network application management platform to log 
information. 

15. (original) A computer usable storage medium of Claim 14 wherein: 
an open view operation simple network management protocol trap is 

utilized to handle simple network management protocol trap based alerts; 

an open view operation log file encapsulator handles system log based 
alerts; and 

an open view message interceptor handles application program interface 
propagated alerts with the help of an operation message mechanism. 

16. (original) A computer usable medium of Claim 14 wherein a secure open 
view template configuration is utilized to log information and the one message 
group is configured for handling intrusion detection system alerts and another 
message group is configured for handling intrusion detection system errors. 

17-20 (cancelled) 
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